Slashdot Mirror
Why Isn't SPAM Regulated Like Fax?
byronne asks: "It seems like spam has escalated so much lately that it seems to actually become a quantifiable bandwidth waster. The less bandwidth available, the less productivity due to spam-dedicated bandwidth is lost. Being primarily a phone system transmitted medium, why can't unsolicited junk email be regulated and controlled like junk fax? Just a simple question that I haven't seen anybody ask or relate together." SPAM is becoming more and more of a problem with today's e-mail. I used to find e-mail a valuable tool for communication, but even with filters, folders and SPAM software, I spend more time culling my inbox than I do reading mail (and if I see one more mail with "allhallowmas" in the title, I'm going to go postal!). Is regulation the answer? Many people fear such a move, but might it be time to give it some serious thought?
To what extent is fax regulated? Is it on a national level, or on the state level? More states are starting to impose anti-SPAM laws, so this hardly seems like a revolutionary idea...
This sig intentionally left justified.
That would be akin to paying diesel fuel prices for your home heating oil. You dont. Automotive fuel, even when it is the same as home fuel, is regulated and taxed differently. So, saying that all cars and truck owners are taxed 70 cents for a gallon of fuel oil, so all homeowners should be (just because many or most use the same oil) wouldnt be a good idea.
Expanding a regulation to cover all aspects of the 'net because most use, for a limited portion of it's operations, certain otherwise regulated technologies would be difficult just based off the fact that many 'Net offerings dont qualify for those regulations - meaning no "jurisdiction"for lack of a better word...
-Rob
WebMaster:
BinFeeds
XXX Thumbnailed Image Newsgroups but
Regulating email will only result in higher cost and incomprehensible rules which hinder normal use. If there is any regulation which is needed at all it's that everybody has the right to reject email as he sees fit. A better way is to give people the tools to reliably detect unwanted mail. For some that may be just commercial email, for others "unwanted" may include political email. We need tools, not rules.
I'll follow the assumption that since faxes kill trees that they would be regulated. The 'Net just kills a few rods and cones.
What those who want activist courts fear is rule by the people.
Because SPAM has a marginal cost of $0, to both sender and receiver.
It doesn't REALLY cost anyone anything more that you're sending 100,000 pieces of mail versus 1000 to a campus-wide discussion group, EXCEPT for the time that the 100,000 people receiving it must spend deleting the mail.
Honestly, in this day and age a 2,000 byte e-mail is NO load on our servers or infrastructure.
It is a load only on the receiving party.
What I might like to see implemented though is this:
I will run a public in-box to which you must deposit 30 cents with each e-mail you send to it. My friends can just get it back at an appropriate time (since the micropayment architecture allows for zero-fee transactions, they're just entries in a database), or via the e-mails that I send to them in reply, and the businesses that I do business with can just charge me 30 cents more to pay for the privilege of learning about their product, but the businesses that I DON'T want anything to do with will either stop bothering me, or pay me nicely for my time -- I'll glance at 20 subjects, decide I'm not interested in any of them, and wa-la, I've made $6 in ten seconds.
This will have a bunch of good effects:
1. Illegal spam will be traceable to a source, since SOMEBODY's account is making me those micropayments.
2. I will see more products I'm interested in, since companies will have 0 cost of printing advertising materials, only the shipping. Whereas I get some interesting postal junk mail now, I will get more interesting junk e-mail if you remove the cost of printing. Also, instead of the advertisers paying the us postal service, they will be paying me.
3. I will be paid back for what I'm paying my ISP in order for it to uphold my end of the mail infrastructure.
4. etc.
It also shouldn't be that hard to establish this kind of a micro-payment system. Imagine this:
Here is a nonprofit company, xyz, that keeps monetary entries in a database, you can make any transaction for free, but you can only deposit or withdraw money in increments of $50. This keeps enough money in xyz's bank to pay, via interest, the transaction costs of writing out and receiving checks.
This is also a good way of paying artists. I'll send you 5 cents, and when enough people have sent you five cents, you can get a check out of it.
(Of course, to start sending people 5 cents, I will first have to deposit $50, but that's a small detail...also, if I REALLY want my $1.50 out, I can give it to someone I know who has over $50, so that the next time they take out money, they'll take out that much more and give it to me.)
We can even do it so that you don't even need to register to start receiving payments. I can simply mail cmdrtaco@slashdot.org $0.05, and he won't even know about it unless his e-mail receives more than $5, at which time he'll be reminded, once, via e-mail, that he has that much in, and that when it reaches $50, he can withdraw it. Authenticating the e-mail works the same way it does today for sending a gift-certificate to an e-mail address via amazon. You send an only-usable-once URL that requires information from the e-mail in which it appears in order to authenticate.
The best part is, a lot of e-mails might only ever receive less than $50, because people stop caring or the e-mail becomes shut down. In this case, the money just stays in xyz's coffers, to help finance the operation, until the end of time, or until the paying party retracts the money (since it is to an UNVERIFIED e-mail), whichever comes first.
It's a lot better than paypal, which "charges a transaction fee just for changing a number in one of its databases", to paraphrase someone I read on slashdot earlier.
What do we all think? Micropayments for everyone? (Miniature american flags for others.)
I know a BUNCH of famous people I'd instantly donate a dollar or two to, of whom presently I have only the e-mail address...
Marvellous...
(yes, voila.)
Here in Germany, junk mails (e-mails, that is) are considered the same as junk faxes legally. It doesn't help much, though: Either you can't trace the spammers, or they're sitting in some obscure Caribbean country where your legislation has no power.
Being primarily a phone system transmitted medium, why can't unsolicited junk email be regulated and controlled like junk fax?
It probably could. One reason it shouldn't be is because unlike telephone companies which are common carriers, ISPs can set their own regulations with regard to what content they will allow over their wires.
People complaining about spam is becoming more and more of a problem with today's World Wide Web. I used to find the Web a valuable resource, but even with moderation and junkbuster proxies I spend more time reading people's complaints about the amount of spam they get than I do reading real news.
Seriously though, the amount of spam people receive just isn't a problem. The folks who like to complain about it are just doing it to brag about how much time they spend on line and how connected they are. Enacting laws to charge spam senders for sending mail to individuals is silly; it'll cause more problems than it solves.
Where spam really does cause problems is when unscrupulous emailers hijack people's connections to send masses of email. The cost in time and bandwidth to receive an individual email and delete is is trivial, and trying to enact regulations to fine senders for this would cause more problems than it solves. It would be much more effective to enact regulation to make it a crime to bounce spam through open mail relays or in any other way use someone else's bandwidth to send spam. The cost of the bandwidth is much greater at that end, and imposing fines for misusing it would be a more proportionate and effective deterrant.
The real question, is why aren't you?
The reason that junk Faxes are against the law is because of the problems people were having with coming to work and finding a $50 roll of thermal fax paper spewed from their fax machines covered with nothing but essentially the content of most spam we're seeing today. This is a very real cost that you can put a figure on, and very definately was more expensive for the recipient to deal with. I remember hearing some stories of fax machines being tied up for hours with junk faxes.
The problem with spam is that it is hard to put a measurable cost on it, at least for the couple that the average joe gets a day. Plus, regulation in the US will just move the problem overseas in a lot of cases.
That said, I'm convinced that there is a very real cost to spam. I run spamassassin and literally get 200-300 spam messages in my spam folder every day, plus another 20-30 or so which spamassassin didn't catch. Conversely, I get about 20 legitimate emails a day.
On the mail server for the ISP I am the sysadmin for, spamassassin tags 75% of the messages we recieve as spam. We just spent $4000 buying hardware for our new mail server. If we had 25% of the load, we could have probably gotten away with a $1000 mail server instead.
Not to mention the times that a spammer decides to dump 10,000 messages on us within a 1/2 hour taking our mail server down to a crawl.
I'm hard pressed to come up with a workable, implementable solution which has any chance of working long term. Legislation has its problems. Technical solutions are a loosing battle on the filtering front. Economic solutions with advocate micropayments or similar (hashcash, etc) need to reach some sort of critical mass before they will help - but noone wants to implement them until they will. And so on.
There *has* to be a solution to this problem out there that someone hasn't come up with yet (or at least hasn't publicised properly).
I've been using this system for several weeks. I now send out about 100 autoreplies each day (all those used to be spam in my inbox). I now get about 5 spam a day and I'm working to disable some of those addresses. (I still have to find a way to deal with bugzilla since it requires a public email address)
You could charge for Email, something small and insignificant to the average (or even hardcore) user, but expensive to the bulk 1,000,000 mail a day spammer.
Of course this would only make sense if Spam were sent through a normal user account, rather than a cracked box or open relay. Back to the drawing board.
Maybe it's because I host my own mail domain (the server deletes mail with obviously forged headers, "make money fast" or "send this to everybody in your" in the body,
It helps to use a different address per sender. For instance, I use ebay.com@domain for my ebay account, and if I have to enter a mail address somwhere but don't want to receive mail from it, I use spam@domain, which is a blackhole address. These things make filtering spam much easier, though not everybody wants to or can host their own mail domain of course.
Block lists can excert some pressure on parties to fix their spam problem. RBL tried to excert pressure on ISPs, it worked for a while before they got toothless. SPEWS has fallen down on the opposite side, blocking too much is degrading the value of the block list.
However, I wouldn't mind blocking some obscure Caribbean country at my mailserver entirely, and if enough people did, they would have to enact good legislation, or find themselves isolated from the world. I think that pressure would work.
However, this can't be effective right now, because most of the spam is coming from the US, and it is harder to block the US back to the stone age.... Therefore, I think some clueful US legislation is the key to the spam problem. Unfortunately, leading legal scholars doesn't seem to have much confidence in that the US will enact anything clueful right now... :-(
Employee of Inrupt, Project Release Manager and Community Manager for Solid
. . . a rhetorical question. Then watch the masses agree furiously.
Don't preach to the choir if you're looking for counter-points.
Honestly, in this day and age a 2,000 byte e-mail is NO load on our servers or infrastructure.
:)
Ask the big boys if spam is a problem. The services like AOL, MSN/Hotmail, Earthlink, etc... ask them if "in this day and age a 2,000 byte email is NO load" on their servers or infrastructure.
It's a BIG load and a huge headache.
The problem is that 2KB might not be a lot, but 1,000,000 2KB emails *IS*, and who is footing the bill to process that crap? The consumers that pay for email service, NOT the people sending the spam.
When you force other people to pay for something, when you give them no choice, that's illegal.
(Unless you're the government!
"And like that
At least we do where I work... its basically people with the fax equivalent of a war dialer sending us bullshit we don't want
tmda. i've been using it for several months and it blocks pretty much all spam i get. currently my tmda pending directory has over 700 files which are all most likely spam. i hold them for a week and then i delete them.
or rather tmda holds them for a week and then cron deletes them.
no one has had trouble reaching me. if you'd like to check out tmda, see here. and if you'd like to see what it's like to email a tmda protected address, mail me at kevin@ie.suberic.net.
btw, i'm not a tmda developer, i just happily use their s/w. it is of course free s/w.
US Citizen living abroad? Register to vote!
Hey, if the RIAA "DoS/Hack P2P copyrighted music traders" bill gets passed, surely we can use this to legitimately net.nuke the spammers into the dirt??? :)
I left my body to science, but I'm afraid they've turned it down...
See real-time (updated every 10 mins) status here.
(please be gentle. I'm only posting this because it's not on the main page...)
S
Theoretically, 47USC227, with it's overly broad interpretation and definition of a fax machine (a computer with a modem or other connection and a printer is a "fax machine"), could be used as a shield against spam. However, I talked to a couple of lawyers on this (and a congressman) and they all agreed that although a computer with the above attached equipment is technically a fax machine under 47USC227, it was not the intent of the law and therefore wouldn't be covered.
But that doesn't stop me from threatening spammers with it since they tend to be the lazy types who don't look that info up (or talk to a lawyer about this stuff). You'd be surprised that I get fewer than 10 spams a day now (it was over 60).
On a side note, I think that forging the "from" address on email to make it appear to have come from the recipient should be identity theft. If they're making emails look like I sent it to myself who's to say that they aren't using my address (which is clearly valid) as the "from" for others...My fiancee has this exact problem (her address looks like a random collection of letters and numbers, but it's not.) Now she's getting a crapload of returned and undeliverable emails. Right, like she spammed out a bunch of pr0n and I didn't know about it....whatever.
> Is regulation the answer? Many people fear such a move, but might it be time to give it some serious thought?
I dont think we'll ever know the answer to that. Oh wait yes we do. No.
Why stick up for big business?
No, regulation is not the answer. There are loads of technological solutions of varying complexity: hash cash, authentication, etc. If we care a lot about Spam, we should be working to decide on a technology and implement it in our mail readers. (There are some, already, like S/MIME, that have a fair amount of deployment.)
Think about what you're saying: Legislate to try to extend the life of a legacy system? We should not be encouranging the government to do this kind of thing. How much do we hate the DMCA? How much will we hate the anti-anonymous e-mail law? Don't we *want* authenticated and encrypted communication anyway? Why do we use ssh for typing commands at our shell (pretty boring to read, except for passwords) but SMTP for our english messages (often much more sensitive!)?
Sure, you could make a law that says "You can not send SPAM to a U.S. Address".
What do you do about that fool in (pick your favorite "other" country)?
Do we send in the Marines to arrest him/her/it?
Do we start to have all of our ISPs block everything from that country in retaliation?
Unfortunately, I see no real solution other than to have our ISPs use some sort of SPAM-blocking software, and to have the attorney generals of the states aggressively go after the fools who spam on illegal activities (chain letters, pump and dump, preteen photos, etc.)
LongTail SSH Brute Force analysis tool is here!
1) In America, the first ammendment protects speech, even commercial speech. As tasteless as spam is, regulating sets a dangerous precedent. Unpopular political speech could be artfully labelled as spam to silent those with differing views. 2) The Internet so far has been regarded as a jurisdiction-free zone. What makes anyone think that US laws at any level could be used to prosecute spammers in other jurisdictions? Would we want that? If the tables were turned, if we were to be subject to France's hard-line anti-speech laws, we would not be happy. Be careful. This is country is about freedom, not about safety or convenience. Freedom should never be abridged for the sake of safety or convenience. If you want that, move to Canada.
But that I recall, this bill was more or less forgotten on the Senate floor.
This sig no verb.
in a footnote it said that it was a SPAM not a fax. The court ignored that issue. There are no cases that an appeals court ruled that the TCPA does not apply to SPAM.
Fight Spammers!
The term is "spam" not "SPAM". Hormel doesn't like it when people dilute their trademarks. That, and the meat deserves more respect than to be associated with the evils of unsolicited mail.
While junk email clogs our mail servers and steals the bandwidth we pay for, we're constantly facing higher rates for snail-mail. It's time congress gave the USPS a monopoly on _all_ commercial mailings. No email, no fax--you want to advertise, you gotta buy a stamp! Perhaps a rate of $0.35 per piece will make them a bit more careful about targeting their ads, instead of spamming the entire known world.
The first amendment doesn't apply at all to spam. Does the first amendment require me to accept a collect call? No. Do I have to buy a book I don't want to protect your right to speak? no. Outlawing spam is not even remotely similar to censoring speech. It is the same as kicking a bum out of your house because he's trespassing.
A lot of the arguments so far seem to be along the lines of "When someone faxes you, it costs you; when they email you, it doesn't, so junk faxes are illegal but spam over email isn't".
But, as reported on slashdot the cable companies are looking to push for us to pay on an amount of bandwidth percentage.
So, what happens when the act of having to download these emails does cost us money? Will the government be more likely to regulate it then?
Personally, I'm expecting not, as there are too many issues with international borders. With faxes, it's easy -- it costs too much to fax spam from out of the country! But email, at least today, is free.
I started getting mail sent to our domain addressed to administrator@domain and billing_contact@domain. These addresses are now blackholed; given that the amount of spam was ridiculous I had no choice.
This illustrates the spammers will do anything, however desperate, to get more free advertising, and people get spammed without doing anything "wrong." There is practically no limit to the amount of spam you can get -- it's just a matter of being found and put on one of those infernal spam-list CD's.
To tell us we need to just work harder or get more "tools" is offensive. Tools either cost money or are beyond the technical expertise of most people. Filtering is now beginnning at the server levels because folks like AOL were clearing 30% spam of all email. They rejected outright a valid (solicited) bulk email from Harvard to its applicants. They do not notify sender of blackholing because that takes even more bandwidth and so often the reply-to is some hapless server with no relation to the spammer. I think AOL's handling is maladroit, but obvious spam causes problems. About 2/3 of the email I get is junk; a friend saw his percentage skyrocket overnight from 5% to 90%.
UCE begs for a solution, and the people to complain to AND advise are your Congresspeople. They can't listen to what they're never told, and you can be sure the direct mail people will be heard. Think about it, you're the experts, and you know a lot more about email than anyone else.
Yeah, I know this really tired argument by just about every spammer; but:
Your right to speak ends where you infringe with my right to be left alone.
You should have the right to stand at a street corner and spew whatever you feel like spewing. You do not have the right to yell into my ear; you do not have the right to spew your message at 3am via loudspeakers in a residential area and you do not have the right to disseminate your message with a bullhorn during a Verdi opera at your local opera house.
If I consider shitting on a carpet as an art form, you'll probably agree that I shouldn't have the right to perform my art on your living room carpet.
There's no need to thank me.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
1. Go to a place with no extradition treaties.
2. Write a virus that closes open relays.
If it seems like the world is run by crazies, that's only because none of you sane people wanted the job.
I recieve about 2 junk faxes every single day, ON MY CELLPHONE from which I have never sent a fax. Why? Because Fax.com found it by wardialing me. The junk fax laws haven't stopped people from sending junk faxes.